Web Debug

Fix broken web applications, from servers to clients.

How to capture a crash dump during application startup

As documented by Microsoft KB it is easy to capture crash dump when the application is up and running. However there are cases application crashes during startup. How to capture such crash dump during application startup?

Here are a few ways to achieve the goal.


1. ProcDump

ProcDump support a -x parameter launch a process and then monitor it for exceptions:

-x
Launch the specified image with optional arguments. If it is a Modern Application or Package, ProcDump will start on the next activation (only).

Example:

C:\>procdump -e 1 -f "" -x c:\dumps consume.exe


2. WinDBG

You can install WinDBG on the client machine and then use File – Open Executable to launch  the application, press g (Go) and wait for the process to crash then type *.dump /mfh [dump file name] *. Now you have dump file that you can debug.


3. GFlags

If you can't easily start the program under the debugger (for example, if it is actually a Windows service), use gflags to make Windows start the program under the debugger. This will create a subkey for your program filename under the Image File Execution Options registry key.


4. Postmortem debugger

Enable Postmortem debugger.


5. WER

If you can't run a debugger, not even ProcDump, you can use Windows' built-in crash dump facility to create a dump automatically:

Starting with Windows Server 2008 and Windows Vista with Service Pack 1 (SP1), Windows Error Reporting (WER) can be configured so that full user-mode dumps are collected and stored locally after a user-mode application crashes. Applications that do their own custom crash reporting, including .NET applications, are not supported by this feature.

http://msdn.microsoft.com/library/windows/desktop/bb787181


6. ADPlus

Monitoring for a certain process to start and to crash:

adplus.exe -crash -pmn notepad -o C:\Dumps

The parameter passed to adplus in –pmn is the name of the process to monitor and the parameter after –o is the directory where the DMP files will be collected.

Fork me on GitHub